Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump golangci/golangci-lint-action from 2 to 3 #68

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 8, 2023

Bumps golangci/golangci-lint-action from 2 to 3.

Release notes

Sourced from golangci/golangci-lint-action's releases.

v3.0.0

What's Changed

New Contributors

Full Changelog: golangci/golangci-lint-action@v2...v3.0.0

Bump version v2.5.2

Bug fixes

  • 5c56cd6 Extract and don't mangle User Args. (#200)

Dependencies

  • e3c53fe bump @​typescript-eslint/eslint-plugin (#194)
  • 3b9f80e bump @​typescript-eslint/parser from 4.18.0 to 4.19.0 (#195)
  • 9845713 bump @​types/node from 14.14.35 to 14.14.37 (#197)
  • e789ee1 bump eslint from 7.22.0 to 7.23.0 (#196)
  • f2e9a96 bump @​typescript-eslint/eslint-plugin (#188)
  • 818081a bump @​types/node from 14.14.34 to 14.14.35 (#189)
  • 6671836 bump @​typescript-eslint/parser from 4.17.0 to 4.18.0 (#190)
  • 526907e bump @​typescript-eslint/parser from 4.16.1 to 4.17.0 (#185)
  • 6b6ba16 bump @​typescript-eslint/eslint-plugin (#186)
  • 9cab4ef bump eslint from 7.21.0 to 7.22.0 (#187)
  • 0c76572 bump @​types/node from 14.14.32 to 14.14.34 (#184)
  • 0dfde21 bump @​typescript-eslint/parser from 4.15.2 to 4.16.1 (#182)
  • 9dcf389 bump typescript from 4.2.2 to 4.2.3 (#181)
  • 34d3904 bump @​types/node from 14.14.31 to 14.14.32 (#180)
  • e30b22f bump @​typescript-eslint/eslint-plugin (#179)
  • 8f30d25 bump eslint from 7.20.0 to 7.21.0 (#177)
  • 0b64a40 bump @​typescript-eslint/parser from 4.15.1 to 4.15.2 (#176)
  • 973b3a3 bump eslint-config-prettier from 8.0.0 to 8.1.0 (#178)
  • 6ea3de1 bump @​typescript-eslint/eslint-plugin (#175)
  • 6eec6af bump typescript from 4.1.5 to 4.2.2 (#174)

v2.5.1

Bug fixes:

  • d9f0e73 Check that go.mod exists in reading the version (#173)

v2.5.0

New Features:

  • 51485a4 Try to get version from go.mod file (#118)

... (truncated)

Commits
  • 639cd34 tests: increase timeout
  • 569abaa fix: out-format (#770)
  • c57cc43 build(deps-dev): bump typescript from 5.0.4 to 5.1.3 (#764)
  • 322510a feat: support out-format as args (#769)
  • 185e7a2 feat: add install-mode (#768)
  • 5be60c7 docs: improve args examples
  • 825a50d chore: update workflow and doc
  • 8c13ec4 doc: Add custom configuration file path to args (#767)
  • 416b5d0 build(deps-dev): bump @​typescript-eslint/parser from 5.59.7 to 5.59.8 (#765)
  • 66a6080 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 5.59.7 to 5.59.8 ...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 8, 2023
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 2 to 3.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v2...v3)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/golangci/golangci-lint-action-3 branch from bb1c98b to 1792484 Compare August 28, 2023 05:51
@pohly pohly merged commit fe24d31 into master Aug 28, 2023
19 of 22 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/golangci/golangci-lint-action-3 branch August 28, 2023 06:10
oguzhand95 referenced this pull request in cerbos/cerbos Nov 6, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/aws/aws-sdk-go](https://togithub.com/aws/aws-sdk-go) |
require | minor | `v1.46.6` -> `v1.47.3` |
|
[github.com/bufbuild/protovalidate-go](https://togithub.com/bufbuild/protovalidate-go)
| require | minor | `v0.3.1` -> `v0.4.0` |
|
[github.com/cerbos/cerbos/api/genpb](https://togithub.com/cerbos/cerbos)
| require | digest | `f134903` -> `761a3dc` |
| [github.com/cerbos/cloud-api](https://togithub.com/cerbos/cloud-api) |
require | patch | `v0.1.8` -> `v0.1.9` |
| [github.com/go-logr/zapr](https://togithub.com/go-logr/zapr) | require
| minor | `v1.2.4` -> `v1.3.0` |
| [github.com/gorilla/mux](https://togithub.com/gorilla/mux) | require |
patch | `v1.8.0` -> `v1.8.1` |
| [github.com/jackc/pgx/v5](https://togithub.com/jackc/pgx) | require |
minor | `v5.4.3` -> `v5.5.0` |
| [github.com/lestrrat-go/jwx/v2](https://togithub.com/lestrrat-go/jwx)
| require | patch | `v2.0.15` -> `v2.0.16` |
| [github.com/pterm/pterm](https://togithub.com/pterm/pterm) | require |
patch | `v0.12.69` -> `v0.12.70` |
| [github.com/rivo/tview](https://togithub.com/rivo/tview) | require |
digest | `8b7bcf9` -> `1b91b81` |
| [github.com/twmb/franz-go](https://togithub.com/twmb/franz-go) |
require | patch | `v1.15.1` -> `v1.15.2` |
| [github.com/vektra/mockery/v2](https://togithub.com/vektra/mockery) |
require | patch | `v2.36.0` -> `v2.36.1` |
| golang.org/x/sync | require | minor | `v0.4.0` -> `v0.5.0` |
|
[google.golang.org/genproto/googleapis/api](https://togithub.com/googleapis/go-genproto)
| require | digest | `49dd2c1` -> `d783a09` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | require |
minor | `v1.26.0` -> `v1.27.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>aws/aws-sdk-go (github.com/aws/aws-sdk-go)</summary>

###
[`v1.47.3`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1473-2023-11-03)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.47.2...v1.47.3)

\===

##### Service Client Updates

-   `service/config`: Updates service API
-   `service/connect`: Updates service API and documentation
-   `service/iotwireless`: Updates service API and documentation
-   `service/launch-wizard`: Adds new service

###
[`v1.47.2`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1472-2023-11-02)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.47.1...v1.47.2)

\===

##### Service Client Updates

-   `service/apprunner`: Updates service API and documentation
-   `service/connect`: Updates service documentation
-   `service/gamelift`: Updates service API and documentation
- Amazon GameLift adds support for shared credentials, which allows
applications that are deployed on managed EC2 fleets to interact with
other AWS resources.
-   `service/glue`: Updates service API and documentation
- This release introduces Google BigQuery Source and Target in AWS Glue
CodeGenConfigurationNode.
-   `service/network-firewall`: Updates service API and documentation
-   `service/quicksight`: Updates service API and documentation
- Got confirmed from qmeixua@ about custom week features, and tested
locally with aws cli and java sdk that the subtypes are showing up.

##### SDK Enhancements

- `aws/ec2metadata`: Added environment and shared config support for
disabling IMDSv1 fallback.
- Use env `AWS_EC2_METADATA_V1_DISABLED` or shared config
`ec2_metadata_v1_disabled` accordingly.

###
[`v1.47.1`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1471-2023-11-01)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.47.0...v1.47.1)

\===

##### Service Client Updates

- `service/connect`: Updates service API, documentation, and paginators
- `service/globalaccelerator`: Updates service API, documentation, and
paginators
- `service/rds`: Updates service API, documentation, waiters,
paginators, and examples
- This release adds support for customized networking resources to
Amazon RDS Custom.
-   `service/redshift`: Updates service API and documentation
- Added support for Multi-AZ deployments for Provisioned RA3 clusters
that provide 99.99% SLA availability.
-   `service/sagemaker`: Updates service API and documentation
    -   Support for batch transform input in Model dashboard

###
[`v1.47.0`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1470-2023-10-31)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.46.7...v1.47.0)

\===

##### Service Client Updates

- `service/amplify`: Updates service API, documentation, and paginators
- `service/application-insights`: Updates service API and documentation
-   `service/ec2`: Updates service API, documentation, and paginators
- Capacity Blocks for ML are a new EC2 purchasing option for reserving
GPU instances on a future date to support short duration machine
learning (ML) workloads. Capacity Blocks automatically place instances
close together inside Amazon EC2 UltraClusters for low-latency,
high-throughput networking.
-   `service/m2`: Updates service API and documentation
-   `service/neptunedata`: Updates service API and documentation
-   `service/translate`: Updates service API and documentation

##### SDK Features

-   `aws`: Bump minimum go version to 1.19.
- See
https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/.

###
[`v1.46.7`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1467-2023-10-30)

[Compare
Source](https://togithub.com/aws/aws-sdk-go/compare/v1.46.6...v1.46.7)

\===

##### Service Client Updates

-   `service/connect`: Updates service API and documentation
-   `service/dataexchange`: Updates service API and documentation
-   `service/datasync`: Updates service API and documentation
-   `service/finspace`: Updates service API and documentation
-   `service/mediapackagev2`: Updates service API and documentation
- `service/rds`: Updates service API, documentation, waiters,
paginators, and examples
- This release launches the CreateIntegration, DeleteIntegration, and
DescribeIntegrations APIs to manage zero-ETL Integrations.
- `service/redshift-serverless`: Updates service API, documentation, and
paginators
-   `service/resiliencehub`: Updates service API and documentation
-   `service/s3outposts`: Updates service API and documentation
-   `service/wisdom`: Updates service documentation

</details>

<details>
<summary>bufbuild/protovalidate-go
(github.com/bufbuild/protovalidate-go)</summary>

###
[`v0.4.0`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.4.0)

[Compare
Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.4...v0.4.0)

#### What's Changed

- Fix bug where cel expression cannot compile for fields of type
google.protobuf.Any by
[@&#8203;oliversun9](https://togithub.com/oliversun9) in
[https://github.com/bufbuild/protovalidate-go/pull/65](https://togithub.com/bufbuild/protovalidate-go/pull/65)
- Link to connect/validate-go by
[@&#8203;emcfarlane](https://togithub.com/emcfarlane) in
[https://github.com/bufbuild/protovalidate-go/pull/66](https://togithub.com/bufbuild/protovalidate-go/pull/66)
- Run CI on Go 1.19 by
[@&#8203;akshayjshah](https://togithub.com/akshayjshah) in
[https://github.com/bufbuild/protovalidate-go/pull/72](https://togithub.com/bufbuild/protovalidate-go/pull/72)
- Use make lint in CI instead of golangci-lint action by
[@&#8203;oliversun9](https://togithub.com/oliversun9) in
[https://github.com/bufbuild/protovalidate-go/pull/70](https://togithub.com/bufbuild/protovalidate-go/pull/70)
- Add isIpPrefix by [@&#8203;higebu](https://togithub.com/higebu) in
[https://github.com/bufbuild/protovalidate-go/pull/53](https://togithub.com/bufbuild/protovalidate-go/pull/53)

#### New Contributors

- [@&#8203;higebu](https://togithub.com/higebu) made their first
contribution in
[https://github.com/bufbuild/protovalidate-go/pull/53](https://togithub.com/bufbuild/protovalidate-go/pull/53)

**Full Changelog**:
bufbuild/protovalidate-go@v0.3.4...v0.4.0

###
[`v0.3.4`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.3.4)

[Compare
Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.3...v0.3.4)

#### What's Changed

- Make DefaultResolver public by
[@&#8203;oliversun9](https://togithub.com/oliversun9) in
[https://github.com/bufbuild/protovalidate-go/pull/59](https://togithub.com/bufbuild/protovalidate-go/pull/59)
- Update minimum required Go version from 1.18 to 1.19 by
[@&#8203;nicksnyder](https://togithub.com/nicksnyder) in
[https://github.com/bufbuild/protovalidate-go/pull/62](https://togithub.com/bufbuild/protovalidate-go/pull/62)
- Fix ignore path for resolver.go by
[@&#8203;nicksnyder](https://togithub.com/nicksnyder) in
[https://github.com/bufbuild/protovalidate-go/pull/63](https://togithub.com/bufbuild/protovalidate-go/pull/63)

#### New Contributors

- [@&#8203;nicksnyder](https://togithub.com/nicksnyder) made their first
contribution in
[https://github.com/bufbuild/protovalidate-go/pull/62](https://togithub.com/bufbuild/protovalidate-go/pull/62)

**Full Changelog**:
bufbuild/protovalidate-go@v0.3.3...v0.3.4

###
[`v0.3.3`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.3.3)

[Compare
Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.2...v0.3.3)

#### What's Changed

- Update benchmarks by [@&#8203;rodaine](https://togithub.com/rodaine)
in
[https://github.com/bufbuild/protovalidate-go/pull/50](https://togithub.com/bufbuild/protovalidate-go/pull/50)
- Bug: transitive field CEL expressions fail to resolve types during
type checking by [@&#8203;rodaine](https://togithub.com/rodaine) in
[https://github.com/bufbuild/protovalidate-go/pull/51](https://togithub.com/bufbuild/protovalidate-go/pull/51)
- Fix loading field message when dependency is more than one step by
[@&#8203;oliversun9](https://togithub.com/oliversun9) in
[https://github.com/bufbuild/protovalidate-go/pull/54](https://togithub.com/bufbuild/protovalidate-go/pull/54)
- Bump github.com/google/cel-go from 0.18.0 to 0.18.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/bufbuild/protovalidate-go/pull/55](https://togithub.com/bufbuild/protovalidate-go/pull/55)
- Make constraint resolution more flexible to different concrete
extension types by [@&#8203;rodaine](https://togithub.com/rodaine) in
[https://github.com/bufbuild/protovalidate-go/pull/57](https://togithub.com/bufbuild/protovalidate-go/pull/57)
- Move package `celext` out of internal by
[@&#8203;oliversun9](https://togithub.com/oliversun9) in
[https://github.com/bufbuild/protovalidate-go/pull/56](https://togithub.com/bufbuild/protovalidate-go/pull/56)

#### New Contributors

- [@&#8203;oliversun9](https://togithub.com/oliversun9) made their first
contribution in
[https://github.com/bufbuild/protovalidate-go/pull/54](https://togithub.com/bufbuild/protovalidate-go/pull/54)

**Full Changelog**:
bufbuild/protovalidate-go@v0.3.2...v0.3.3

###
[`v0.3.2`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.3.2)

[Compare
Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.1...v0.3.2)

#### What's Changed

- Build validator copy cache on write by
[@&#8203;emcfarlane](https://togithub.com/emcfarlane) in
[https://github.com/bufbuild/protovalidate-go/pull/31](https://togithub.com/bufbuild/protovalidate-go/pull/31)
- Bump github.com/google/cel-go from 0.17.4 to 0.17.6 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/bufbuild/protovalidate-go/pull/39](https://togithub.com/bufbuild/protovalidate-go/pull/39)
- Bump github.com/google/cel-go from 0.17.6 to 0.18.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/bufbuild/protovalidate-go/pull/42](https://togithub.com/bufbuild/protovalidate-go/pull/42)
- Bump buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go from
1.31.0-20230824200731-b9b8148056b9.1 to
1.31.0-20230830185350-7a34d6557349.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/bufbuild/protovalidate-go/pull/41](https://togithub.com/bufbuild/protovalidate-go/pull/41)
- Bypass deprecation lint warning by
[@&#8203;akshayjshah](https://togithub.com/akshayjshah) in
[https://github.com/bufbuild/protovalidate-go/pull/45](https://togithub.com/bufbuild/protovalidate-go/pull/45)
- Bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/bufbuild/protovalidate-go/pull/46](https://togithub.com/bufbuild/protovalidate-go/pull/46)
- Cleanup: replace deprecated OptCheckStringFormat by
[@&#8203;rodaine](https://togithub.com/rodaine) in
[https://github.com/bufbuild/protovalidate-go/pull/48](https://togithub.com/bufbuild/protovalidate-go/pull/48)
- Conformance: support for multiple uniques by
[@&#8203;rodaine](https://togithub.com/rodaine) in
[https://github.com/bufbuild/protovalidate-go/pull/49](https://togithub.com/bufbuild/protovalidate-go/pull/49)

#### New Contributors

- [@&#8203;emcfarlane](https://togithub.com/emcfarlane) made their first
contribution in
[https://github.com/bufbuild/protovalidate-go/pull/31](https://togithub.com/bufbuild/protovalidate-go/pull/31)
- [@&#8203;akshayjshah](https://togithub.com/akshayjshah) made their
first contribution in
[https://github.com/bufbuild/protovalidate-go/pull/45](https://togithub.com/bufbuild/protovalidate-go/pull/45)

**Full Changelog**:
bufbuild/protovalidate-go@v0.3.1...v0.3.2

</details>

<details>
<summary>cerbos/cloud-api (github.com/cerbos/cloud-api)</summary>

###
[`v0.1.9`](https://togithub.com/cerbos/cloud-api/compare/v0.1.8...v0.1.9)

[Compare
Source](https://togithub.com/cerbos/cloud-api/compare/v0.1.8...v0.1.9)

</details>

<details>
<summary>go-logr/zapr (github.com/go-logr/zapr)</summary>

### [`v1.3.0`](https://togithub.com/go-logr/zapr/releases/tag/v1.3.0)

[Compare
Source](https://togithub.com/go-logr/zapr/compare/v1.2.4...v1.3.0)

This release adds [support for
slog](https://togithub.com/go-logr/logr#slog-interoperability). zapr
implements `slogr.SlogSink` and therefore can be used through
[`slogr.NewSlogHandler`](https://pkg.go.dev/github.com/go-logr/[email protected]/slogr#NewSlogHandler)
as backend for slog.

#### What's Changed

- Added dependabot by [@&#8203;Neo2308](https://togithub.com/Neo2308) in
[https://github.com/go-logr/zapr/pull/63](https://togithub.com/go-logr/zapr/pull/63)
- Updated min supported version to go 1.18 by
[@&#8203;Neo2308](https://togithub.com/Neo2308) in
[https://github.com/go-logr/zapr/pull/62](https://togithub.com/go-logr/zapr/pull/62)
- update linter config and fix issues by
[@&#8203;pohly](https://togithub.com/pohly) in
[https://github.com/go-logr/zapr/pull/61](https://togithub.com/go-logr/zapr/pull/61)
- Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/71](https://togithub.com/go-logr/zapr/pull/71)
- support slog by [@&#8203;pohly](https://togithub.com/pohly) in
[https://github.com/go-logr/zapr/pull/60](https://togithub.com/go-logr/zapr/pull/60)

***

- Bump github.com/stretchr/testify from 1.8.0 to 1.8.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/65](https://togithub.com/go-logr/zapr/pull/65)
- Bump actions/checkout from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/66](https://togithub.com/go-logr/zapr/pull/66)
- Bump actions/setup-go from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/67](https://togithub.com/go-logr/zapr/pull/67)
- Bump golangci/golangci-lint-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/68](https://togithub.com/go-logr/zapr/pull/68)
- Bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/69](https://togithub.com/go-logr/zapr/pull/69)
- Bump go.uber.org/zap from 1.24.0 to 1.25.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/64](https://togithub.com/go-logr/zapr/pull/64)
- Bump go.uber.org/zap from 1.25.0 to 1.26.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/go-logr/zapr/pull/70](https://togithub.com/go-logr/zapr/pull/70)

#### New Contributors

- [@&#8203;Neo2308](https://togithub.com/Neo2308) made their first
contribution in
[https://github.com/go-logr/zapr/pull/63](https://togithub.com/go-logr/zapr/pull/63)
- [@&#8203;dependabot](https://togithub.com/dependabot) made their first
contribution in
[https://github.com/go-logr/zapr/pull/65](https://togithub.com/go-logr/zapr/pull/65)

**Full Changelog**:
go-logr/zapr@v1.2.4...v1.3.0

</details>

<details>
<summary>google/cel-go (github.com/google/cel-go)</summary>

### [`v0.18.1`](https://togithub.com/google/cel-go/releases/tag/v0.18.1)

[Compare
Source](https://togithub.com/google/cel-go/compare/v0.18.0...v0.18.1)

#### What's Changed

- Add support for a relative offset within ast.SourceInfo by
\[[#&#8203;836](https://togithub.com/google/cel-go/issues/836)]
- Fix last optional element to be retained as an optional index while
folding \[[#&#8203;841](https://togithub.com/google/cel-go/issues/841)]
- Fix deprecation notice for string format validation
\[[#&#8203;840](https://togithub.com/google/cel-go/issues/840)]
- Update cel-spec and enable wrappers conformance tests
\[[#&#8203;842](https://togithub.com/google/cel-go/issues/842)]
- refactor: remove lexer and parser pools
\[[#&#8203;838](https://togithub.com/google/cel-go/issues/838)]

#### New Contributors

- [@&#8203;TulgaCG](https://togithub.com/TulgaCG) made their first
contribution in
[https://github.com/google/cel-go/pull/835](https://togithub.com/google/cel-go/pull/835)
- [@&#8203;aimuz](https://togithub.com/aimuz) made their first
contribution in
[https://github.com/google/cel-go/pull/838](https://togithub.com/google/cel-go/pull/838)

**Full Changelog**:
google/cel-go@v0.18.0...v0.18.1

### [`v0.18.0`](https://togithub.com/google/cel-go/releases/tag/v0.18.0)

[Compare
Source](https://togithub.com/google/cel-go/compare/v0.17.7...v0.18.0)

#### Features

The latest release of CEL introduces validators
([#&#8203;775](https://togithub.com/google/cel-go/issues/775)) and
optimizers
([#&#8203;804](https://togithub.com/google/cel-go/issues/804),
[#&#8203;827](https://togithub.com/google/cel-go/issues/827)) and
migrates the core CEL internals off of the
protobuf expression and type representations
([#&#8203;789](https://togithub.com/google/cel-go/issues/789)).

- String format validator
\[[#&#8203;775](https://togithub.com/google/cel-go/issues/775)]
- Create a Function that Reverses a String
\[[#&#8203;796](https://togithub.com/google/cel-go/issues/796)]
- Introduce pre-order / post-order visitor pattern
\[[#&#8203;813](https://togithub.com/google/cel-go/issues/813)]
- Add Libraries() function to Env
\[[#&#8203;822](https://togithub.com/google/cel-go/issues/822)]
- Static optimizer for constant folding
\[[#&#8203;804](https://togithub.com/google/cel-go/issues/804)]
- Inlining optimizer
\[[#&#8203;827](https://togithub.com/google/cel-go/issues/827)]
- FindStructTypeFields support for types.Provider
\[[#&#8203;814](https://togithub.com/google/cel-go/issues/814)]

#### Breaking Changes

The following PR changes the API signature of the `checker.AstNode`
method `Expr` to return an `ast.Expr`.

- Migrate the checker.Coster to the ast.Expr
\[[#&#8203;798](https://togithub.com/google/cel-go/issues/798)]

#### Fixes

- Nil safety checks for cel.Ast
\[[#&#8203;784](https://togithub.com/google/cel-go/issues/784)]
- Fix cost estimates to propagate result sizes
\[[#&#8203;787](https://togithub.com/google/cel-go/issues/787)]
- Catch invalid literals created from expression factories
\[[#&#8203;810](https://togithub.com/google/cel-go/issues/810)]
- Ensure stable ordering of overload candidates
\[[#&#8203;817](https://togithub.com/google/cel-go/issues/817)]
- Clarify replace with/by empty string
\[[#&#8203;820](https://togithub.com/google/cel-go/issues/820)]
- Fix functional exemptions for homogeneous literal checks
\[[#&#8203;832](https://togithub.com/google/cel-go/issues/832)]
- Fix logical operator folding that only involve literals
\[[#&#8203;833](https://togithub.com/google/cel-go/issues/833)]
- Upgrade go-genproto to latest
\[[#&#8203;831](https://togithub.com/google/cel-go/issues/831)]

#### New Contributors

- [@&#8203;bboogler](https://togithub.com/bboogler) made their first
contribution in
[https://github.com/google/cel-go/pull/796](https://togithub.com/google/cel-go/pull/796)

**Full Changelog**:
google/cel-go@v0.17.1...v0.18.0

### [`v0.17.7`](https://togithub.com/google/cel-go/releases/tag/v0.17.7)

[Compare
Source](https://togithub.com/google/cel-go/compare/v0.17.6...v0.17.7)

#### What's Changed

- Backport [#&#8203;850](https://togithub.com/google/cel-go/issues/850):
Sets cost estimation and tracking options
\[[#&#8203;852](https://togithub.com/google/cel-go/issues/852)]

**Full Changelog**:
google/cel-go@v0.17.6...v0.17.7

</details>

<details>
<summary>gorilla/mux (github.com/gorilla/mux)</summary>

### [`v1.8.1`](https://togithub.com/gorilla/mux/releases/tag/v1.8.1)

[Compare
Source](https://togithub.com/gorilla/mux/compare/v1.8.0...v1.8.1)

#### What's Changed

- build: CircleCI 2.1 + build matrix by
[@&#8203;elithrar](https://togithub.com/elithrar) in
[https://github.com/gorilla/mux/pull/595](https://togithub.com/gorilla/mux/pull/595)
- Include "404" and "405" in the docs by
[@&#8203;Jille](https://togithub.com/Jille) in
[https://github.com/gorilla/mux/pull/602](https://togithub.com/gorilla/mux/pull/602)
- docs: update README w.r.t new maintainer ask by
[@&#8203;elithrar](https://togithub.com/elithrar) in
[https://github.com/gorilla/mux/pull/660](https://togithub.com/gorilla/mux/pull/660)
- regexp: use iota instead of hardcoded values for regexType\* by
[@&#8203;michaelgrigoryan25](https://togithub.com/michaelgrigoryan25) in
[https://github.com/gorilla/mux/pull/679](https://togithub.com/gorilla/mux/pull/679)
- Fix `authenticationMiddleware` initialization in the `README.md` file
by [@&#8203;amustaque97](https://togithub.com/amustaque97) in
[https://github.com/gorilla/mux/pull/693](https://togithub.com/gorilla/mux/pull/693)
- Update README.md by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/713](https://togithub.com/gorilla/mux/pull/713)
- \[GPT-95] Update go version, add tools for verification and testing by
[@&#8203;apoorvajagtap](https://togithub.com/apoorvajagtap) in
[https://github.com/gorilla/mux/pull/718](https://togithub.com/gorilla/mux/pull/718)
- Delete release-drafter.yml by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/719](https://togithub.com/gorilla/mux/pull/719)
- Delete stale.yml by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/720](https://togithub.com/gorilla/mux/pull/720)
- Delete AUTHORS by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/721](https://togithub.com/gorilla/mux/pull/721)
- Update LICENSE by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/722](https://togithub.com/gorilla/mux/pull/722)
- Updated the logo in README.md by
[@&#8203;shamkarthik](https://togithub.com/shamkarthik) in
[https://github.com/gorilla/mux/pull/724](https://togithub.com/gorilla/mux/pull/724)
- Update LICENSE by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/723](https://togithub.com/gorilla/mux/pull/723)
- Update issues.yml by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/726](https://togithub.com/gorilla/mux/pull/726)
- Update issues.yml by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/727](https://togithub.com/gorilla/mux/pull/727)
- run go fmt with Go 1.20 by
[@&#8203;shogo82148](https://togithub.com/shogo82148) in
[https://github.com/gorilla/mux/pull/725](https://togithub.com/gorilla/mux/pull/725)
- Fix `Single Page Application` example in `README.md` file by
[@&#8203;amustaque97](https://togithub.com/amustaque97) in
[https://github.com/gorilla/mux/pull/678](https://togithub.com/gorilla/mux/pull/678)
- \[BUG] Inconsistent HTTP status code on query mismatch by
[@&#8203;soheilrt](https://togithub.com/soheilrt) in
[https://github.com/gorilla/mux/pull/712](https://togithub.com/gorilla/mux/pull/712)
- Clarify documentation examples of Route methods by
[@&#8203;andrew-werdna](https://togithub.com/andrew-werdna) in
[https://github.com/gorilla/mux/pull/672](https://togithub.com/gorilla/mux/pull/672)
- changed the routeVariables text content. by
[@&#8203;sumanpaikdev](https://togithub.com/sumanpaikdev) in
[https://github.com/gorilla/mux/pull/708](https://togithub.com/gorilla/mux/pull/708)
- Add GetVarNames() by [@&#8203;eh-steve](https://togithub.com/eh-steve)
in
[https://github.com/gorilla/mux/pull/676](https://togithub.com/gorilla/mux/pull/676)
- fix SPA handler in README.md by
[@&#8203;sy9](https://togithub.com/sy9) in
[https://github.com/gorilla/mux/pull/733](https://togithub.com/gorilla/mux/pull/733)
- update GitHub workflows by
[@&#8203;coreydaley](https://togithub.com/coreydaley) in
[https://github.com/gorilla/mux/pull/734](https://togithub.com/gorilla/mux/pull/734)

#### New Contributors

- [@&#8203;Jille](https://togithub.com/Jille) made their first
contribution in
[https://github.com/gorilla/mux/pull/602](https://togithub.com/gorilla/mux/pull/602)
- [@&#8203;michaelgrigoryan25](https://togithub.com/michaelgrigoryan25)
made their first contribution in
[https://github.com/gorilla/mux/pull/679](https://togithub.com/gorilla/mux/pull/679)
- [@&#8203;amustaque97](https://togithub.com/amustaque97) made their
first contribution in
[https://github.com/gorilla/mux/pull/693](https://togithub.com/gorilla/mux/pull/693)
- [@&#8203;coreydaley](https://togithub.com/coreydaley) made their first
contribution in
[https://github.com/gorilla/mux/pull/713](https://togithub.com/gorilla/mux/pull/713)
- [@&#8203;apoorvajagtap](https://togithub.com/apoorvajagtap) made their
first contribution in
[https://github.com/gorilla/mux/pull/718](https://togithub.com/gorilla/mux/pull/718)
- [@&#8203;shamkarthik](https://togithub.com/shamkarthik) made their
first contribution in
[https://github.com/gorilla/mux/pull/724](https://togithub.com/gorilla/mux/pull/724)
- [@&#8203;shogo82148](https://togithub.com/shogo82148) made their first
contribution in
[https://github.com/gorilla/mux/pull/725](https://togithub.com/gorilla/mux/pull/725)
- [@&#8203;soheilrt](https://togithub.com/soheilrt) made their first
contribution in
[https://github.com/gorilla/mux/pull/712](https://togithub.com/gorilla/mux/pull/712)
- [@&#8203;andrew-werdna](https://togithub.com/andrew-werdna) made their
first contribution in
[https://github.com/gorilla/mux/pull/672](https://togithub.com/gorilla/mux/pull/672)
- [@&#8203;sumanpaikdev](https://togithub.com/sumanpaikdev) made their
first contribution in
[https://github.com/gorilla/mux/pull/708](https://togithub.com/gorilla/mux/pull/708)
- [@&#8203;eh-steve](https://togithub.com/eh-steve) made their first
contribution in
[https://github.com/gorilla/mux/pull/676](https://togithub.com/gorilla/mux/pull/676)
- [@&#8203;sy9](https://togithub.com/sy9) made their first contribution
in
[https://github.com/gorilla/mux/pull/733](https://togithub.com/gorilla/mux/pull/733)

**Full Changelog**:
gorilla/mux@v1.8.0...v1.8.1

</details>

<details>
<summary>jackc/pgx (github.com/jackc/pgx/v5)</summary>

### [`v5.5.0`](https://togithub.com/jackc/pgx/compare/v5.4.3...v5.5.0)

[Compare Source](https://togithub.com/jackc/pgx/compare/v5.4.3...v5.5.0)

</details>

<details>
<summary>lestrrat-go/jwx (github.com/lestrrat-go/jwx/v2)</summary>

###
[`v2.0.16`](https://togithub.com/lestrrat-go/jwx/releases/tag/v2.0.16)

[Compare
Source](https://togithub.com/lestrrat-go/jwx/compare/v2.0.15...v2.0.16)

    v2.0.16 31 Oct 2023
    [Security]
* [jws] ECDSA signature verification requires us to check if the
signature
is of the desired length of bytes, but this check that used to exist
before
had been removed in #&#8203;65, resulting in certain malformed
signatures to pass
        verification.

One of the ways this could happen if R is a 31 byte integer and S is 32
byte integer,
both containing the correct signature values, but R is not zero-padded.

           Correct = R: [ 0 , ... ] (32 bytes) S: [ ... ] (32 bytes)
           Wrong   = R: [ ... ] (31 bytes)     S: [ ... ] (32 bytes)

In order for this check to pass, you would still need to have all 63
bytes
populated with the correct signature. The only modification a bad actor
may be able to do is to add one more byte at the end, in which case the
first 32 bytes (including what would have been S's first byte) is used
for R,
and S would contain the rest. But this will only result in the
verification to
fail. Therefore this in itself should not pose any security risk, albeit
        allowing some illegally formated messages to be verified.

* [jwk] `jwk.Key` objects now have a `Validate()` method to validate the
data
stored in the keys. However, this still does not necessarily mean that
the key's
are valid for use in cryptographic operations. If `Validate()` is
successful,
it only means that the keys are in the right _format_, including the
presence
of required fields and that certain fields have proper length, etc.

    [New Features]
* [jws] Added `jws.WithValidateKey()` to force calling `key.Validate()`
before
        signing or verification.

* [jws] `jws.Sign()` now returns a special type of error that can hold
the
individual errors from the signers. The stringification is still the
same
        as before to preserve backwards compatibility.

* [jwk] Added `jwk.IsKeyValidationError` that checks if an error is an
error
        from `key.Validate()`.

    [Bug Fixes]
* [jwt] `jwt.ParseInsecure()` was running verification if you provided a
key
        via `jwt.WithKey()` or `jwt.WithKeySet()` (#&#8203;1007)

</details>

<details>
<summary>pterm/pterm (github.com/pterm/pterm)</summary>

###
[`v0.12.70`](https://togithub.com/pterm/pterm/releases/tag/v0.12.70):
Heatmap Printer 🎉

[Compare
Source](https://togithub.com/pterm/pterm/compare/v0.12.69...v0.12.70)

<!-- Release notes generated using configuration in .github/release.yml
at master -->

#### What's Changed

##### Exciting New Features 🎉

- Feature: Default value for interactive text input by
[@&#8203;KarolosLykos](https://togithub.com/KarolosLykos) in
[https://github.com/pterm/pterm/pull/577](https://togithub.com/pterm/pterm/pull/577)
- Added a heatmap printer by
[@&#8203;floaust](https://togithub.com/floaust) in
[https://github.com/pterm/pterm/pull/487](https://togithub.com/pterm/pterm/pull/487)

<img width="800"
src="https://github.com/pterm/pterm/assets/56639481/c994c395-3b94-4b27-af20-4ae5fd6fc0be"
/>

##### Fixes 🔧
* fix(heatmap): fix bug legend was not fully boxed by
@&#8203;floau[https://github.com/pterm/pterm/pull/583](https://togithub.com/pterm/pterm/pull/583)ll/583
* fix(heatmap): fix bug legend was too long by
@&#8203;floau[https://github.com/pterm/pterm/pull/585](https://togithub.com/pterm/pterm/pull/585)ll/585

**Full Changelog**:
pterm/pterm@v0.12.69...v0.12.70

</details>

<details>
<summary>twmb/franz-go (github.com/twmb/franz-go)</summary>

###
[`v1.15.2`](https://togithub.com/twmb/franz-go/blob/HEAD/CHANGELOG.md#v1152)

[Compare
Source](https://togithub.com/twmb/franz-go/compare/v1.15.1...v1.15.2)

\===

This patch release fixes two bugs and changes Mark functions to be
no-ops when
not using AutoCommitMarks to avoid confusion. This also includes a minor
commit
further improving the sticky balancer. See the commits for more details.

- [`72778cb`](https://togithub.com/twmb/franz-go/commit/72778cb)
**behavior change** kgo: no-op mark functions when not using
AutoCommitMarks
- [`e209bb6`](https://togithub.com/twmb/franz-go/commit/e209bb6)
**bugfix** kgo: pin AddPartitionsToTxn to v3 when using one transaction
- [`36b4437`](https://togithub.com/twmb/franz-go/commit/36b4437) sticky:
further improvements
- [`af5bc1f`](https://togithub.com/twmb/franz-go/commit/af5bc1f)
**bugfix** kgo: be sure to use topics when other topics are paused

</details>

<details>
<summary>vektra/mockery (github.com/vektra/mockery/v2)</summary>

###
[`v2.36.1`](https://togithub.com/vektra/mockery/releases/tag/v2.36.1)

[Compare
Source](https://togithub.com/vektra/mockery/compare/v2.36.0...v2.36.1)

#### Changelog

- [`b648c23`](https://togithub.com/vektra/mockery/commit/b648c23) Add
additional test
- [`0310201`](https://togithub.com/vektra/mockery/commit/0310201) Add
fix for showconfig command
- [`d3515d1`](https://togithub.com/vektra/mockery/commit/d3515d1) Fix
bug with sub-package inheritance
- [`77064ad`](https://togithub.com/vektra/mockery/commit/77064ad) Fix
config bug where mockery crashes when package map is nil
- [`5978bc5`](https://togithub.com/vektra/mockery/commit/5978bc5) Fix
test with config initialization
- [`deb4860`](https://togithub.com/vektra/mockery/commit/deb4860) Merge
pull request
[#&#8203;730](https://togithub.com/vektra/mockery/issues/730) from
LandonTClipp/issue\_726
- [`e86d230`](https://togithub.com/vektra/mockery/commit/e86d230)
Simplifying some config in interface copying code
- [`726d76c`](https://togithub.com/vektra/mockery/commit/726d76c) Update
running.md
- [`2dd8f00`](https://togithub.com/vektra/mockery/commit/2dd8f00) Use
gotestsum for better testing output

</details>

<details>
<summary>cznic/sqlite (modernc.org/sqlite)</summary>

###
[`v1.27.0`](https://gitlab.com/cznic/sqlite/compare/v1.26.0...v1.27.0)

[Compare
Source](https://gitlab.com/cznic/sqlite/compare/v1.26.0...v1.27.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/cerbos/cerbos).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMS41IiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

---------

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oğuzhan Durgun <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Oğuzhan Durgun <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant